[DISCUSSION] Windows 11 Enterprise/IoT Enterprise (N) LTSC 2024 (24H2 / 26100.x)

Discussion in 'Windows 11' started by Enthousiast, Apr 26, 2024.

  1. Supern00b

    Supern00b MDL Addicted

    Dec 30, 2010
    768
    560
    30
    I also did a thing.
    I used W10MUI from Abbodi1406, it integrated the language pack and also the LCU.
    Now I have a Spanish LA (es-MX) image.

    Cheers.
     
  2. pm67310

    pm67310 MDL Guru

    Sep 6, 2011
    3,875
    3,149
    120
    Check my signature .. bypass v6
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. wonderboy

    wonderboy MDL Junior Member

    Jul 23, 2010
    51
    7
    0
    thanks so much
     
  4. liliactr

    liliactr MDL Addicted

    Sep 3, 2009
    686
    262
    30
    Your profile page closed how could we do that
     
  5. pm67310

    pm67310 MDL Guru

    Sep 6, 2011
    3,875
    3,149
    120
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. leandronbfake

    leandronbfake MDL Novice

    Nov 8, 2012
    5
    1
    0
    Hi guys, i was a long time user of windows 10 2016 ltsb, for me it was perfect, but i had to install windows 10 pro later. Now i am at windows 11 pro and want to return to ltsc versions because is not stable as windows 10 was on my hardware.
    I am deciding if i should use w11 ltsc 2024 iot or the w10 ltsc 2021 iot. Have anyone here used both and could say which one could be better?
    I prefer a PC with minimal bloat that runs almost all the time without shutdown, just sleep mode, but windows 11 fixed some bugs i had with windows 10 pro, like windows explorer crashes, random waking up after sleep and never going back to sleep like something was preventing the pc going to sleep. Windows 11 fixed most of the issues i had, but introduced some other issues mostly on usability, like the context menu overly simplified, etc.

    So, have anyone tested both LTSC 2021 and 2024? Which would you pick and why?
     
  7. Enthousiast

    Enthousiast MDL Tester

    Oct 30, 2009
    54,966
    125,939
    450
    Atm i run IoT Enterprise 2021 LTSC on my 2 main systems and my main laptop.

    Thinking of switching to 2024 on my Beast because i need to keep an eye on the latest release to make helping others easier but for my usage 2021 is fine.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. leandronbfake

    leandronbfake MDL Novice

    Nov 8, 2012
    5
    1
    0
    I read that some store apps are requiring a higher build number than ltsc 2021 have right now, is it true? I still need some apps from store like whatsapp and icloud.
     
  9. Enthousiast

    Enthousiast MDL Tester

    Oct 30, 2009
    54,966
    125,939
    450
    Store apps should not even be on LTSB/C, that was one of the main reasons to run LTSB/C, the lack of store and the apps, besides the long term servicing.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. leandronbfake

    leandronbfake MDL Novice

    Nov 8, 2012
    5
    1
    0
    Even with store installed later, ltsb was far more stable than regular windows for me. I will try to return to ltsc 2021, and everything goes smooth i think i will keep it installed instead of ltsc 2024.
     
  11. Enthousiast

    Enthousiast MDL Tester

    Oct 30, 2009
    54,966
    125,939
    450
    Store is not a factor for stable or not, most, if not all, don't want to have the store because of the profiling and that is the reason they like to run LTSB/C and when putting back the store in it is just the same as running normal enterprise or education.

    I know about the longer support but i don't know of any LTSB lover who praised 2015 LTSB who still runs it;):D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. Enthousiast

    Enthousiast MDL Tester

    Oct 30, 2009
    54,966
    125,939
    450
    #1134 Enthousiast, Jul 10, 2024
    Last edited: Jul 10, 2024
    (OP)
    Server OS doesn't need any by[ass last time i checked.

    IoT Enterprise 2024 LTSC doesn't need any fix either.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. Braintrash

    Braintrash MDL Novice

    Jul 29, 2015
    5
    4
    0
    Since I definitely don't use that, then it is good news, thank you!
     
  14. xbreakx

    xbreakx MDL Novice

    Sep 21, 2015
    4
    1
    0
    What's the RAM usage without running any program? I want to install this version of Win.

    Processor: i7-8550U CPU @ 1.80GHz 1.99 GHz
    RAM: 16.0 GB
     
  15. redsunset

    redsunset MDL Member

    Mar 16, 2022
    198
    98
    10
    Almost 4GB with some background apps on my 16gb system.
     
  16. xbreakx

    xbreakx MDL Novice

    Sep 21, 2015
    4
    1
    0
    As I understand, it's less than 4GB.

    I have Win 11 Home 23H2 and it's almost 5GB without running any program except task manager.
     
  17. Sum_Ting_Wong

    Sum_Ting_Wong MDL Member

    Jan 30, 2024
    165
    239
    10
    #1139 Sum_Ting_Wong, Jul 11, 2024
    Last edited: Jul 11, 2024
    Here is my full setup, which will bring almost all Windows/Edge settings to nearly Linux-tier, and apply the personalization shown. I'd say I'm about 99% complete by this point, and it's arguably an hour's worth of work max from being enterprise-deployment safe.

    Also included (here, not in the .7z) is a .ps1 file for blocking commonly exploited ports for both in/out and udp/tcp.
    upload_2024-7-11_1-31-53.png
    Code:
    # Blocks the most commonly exploited ports, and unblocks them for debugging access issues.
    
    # Define the ports to be blocked
    $ports = "20,22-23,25,43-46,48-50,52,54,56,63,70,77,79,81,85-87,90,96-99,101-103,105-107,109-111,113,135,137-139,445,666,1433-1434,1900,3000,5353,5900,6379,11211"
    
    # Expand port ranges
    $expandedPorts = $ports -split ',' | ForEach-Object {
        if ($_ -match '(\d+)-(\d+)') {
            $startPort = [int]$matches[1]
            $endPort = [int]$matches[2]
            $startPort..$endPort -join ','
        } else {
            $_
        }
    }
    
    # Join all ports into a single comma-separated list
    $allPorts = $expandedPorts -join ','
    
    # Define the names of the rules
    $ruleNames = @(
        "Block TCP Ports Inbound",
        "Block UDP Ports Inbound",
        "Block TCP Ports Outbound",
        "Block UDP Ports Outbound"
    )
    
    # Function to display the banner
    function Display-Banner {
        Write-Host ""
        Write-Host "========================================" -ForegroundColor Cyan
        Write-Host "    Firewall Port Blocking Utility      " -ForegroundColor Red
        Write-Host "========================================" -ForegroundColor Cyan
        Write-Host ""
    }
    
    # Function to display the ports
    function Display-Ports {
        Write-Host "This will block vulnerable ports."
        Write-Host "Ports list:" -ForegroundColor Yellow
        Write-Host $allPorts -ForegroundColor Magenta
        Write-Host "Optional:" -ForegroundColor Yellow
        Write-Host "21" -ForegroundColor Magenta
    }
    
    # Function to block ports
    function Block-Ports {
        netsh advfirewall firewall add rule name="Block TCP Ports Inbound" dir=in action=block protocol=TCP localport=$allPorts
        netsh advfirewall firewall add rule name="Block UDP Ports Inbound" dir=in action=block protocol=UDP localport=$allPorts
        netsh advfirewall firewall add rule name="Block TCP Ports Outbound" dir=out action=block protocol=TCP localport=$allPorts
        netsh advfirewall firewall add rule name="Block UDP Ports Outbound" dir=out action=block protocol=UDP localport=$allPorts
        Write-Host "Ports have been blocked." -ForegroundColor Green
    }
    
    # Function to block ports with FTP
    function Block-Ports-With-FTP {
        $allPortsWithFTP = $allPorts + ",21"
        netsh advfirewall firewall add rule name="Block TCP Ports Inbound" dir=in action=block protocol=TCP localport=$allPortsWithFTP
        netsh advfirewall firewall add rule name="Block UDP Ports Inbound" dir=in action=block protocol=UDP localport=$allPortsWithFTP
        netsh advfirewall firewall add rule name="Block TCP Ports Outbound" dir=out action=block protocol=TCP localport=$allPortsWithFTP
        netsh advfirewall firewall add rule name="Block UDP Ports Outbound" dir=out action=block protocol=UDP localport=$allPortsWithFTP
        Write-Host "Ports (including FTP) have been blocked." -ForegroundColor Green
    }
    
    # Function to unblock ports
    function Unblock-Ports {
        foreach ($ruleName in $ruleNames) {
            netsh advfirewall firewall delete rule name="$ruleName"
        }
        Write-Host "Ports have been unblocked." -ForegroundColor Green
    }
    
    # Function to check if the script is running as an administrator
    function Test-Administrator {
        $user = [Security.Principal.WindowsIdentity]::GetCurrent()
        (New-Object Security.Principal.WindowsPrincipal $user).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
    }
    
    # Check if the script is running as an administrator
    if (-not (Test-Administrator)) {
        Write-Host "This script requires administrative privileges. Please run it as an administrator." -ForegroundColor Red
        Write-Host "Press any key to exit..."
        $null = $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown')
        exit
    }
    
    # Main script logic
    Display-Banner
    Display-Ports
    
    while ($true) {
        Write-Host "`nPlease select an option:" -ForegroundColor Cyan
        Write-Host "0 - Exit" -ForegroundColor Yellow
        Write-Host "1 - Block defined ports" -ForegroundColor Yellow
        Write-Host "2 - Block defined ports (w/ FTP)" -ForegroundColor Yellow
        Write-Host "3 - Unblock defined ports" -ForegroundColor Yellow
        $choice = Read-Host "Enter your choice"
    
        switch ($choice) {
            0 {
                Write-Host "Exiting the script." -ForegroundColor Green
                break
            }
            1 {
                Block-Ports
            }
            2 {
                Block-Ports-With-FTP
            }
            3 {
                Unblock-Ports
            }
            default {
                Write-Host "Invalid choice. Please try again." -ForegroundColor Red
            }
        }
    }
    
    # githubgist
    The hklm_pers.reg will add this feature, but for those who won't be using the full .7z files you might like it.
    Code:
    Windows Registry Editor Version 5.00
    
    [HKEY_CLASSES_ROOT\SystemFileAssociations\.ps1\Shell\RunAs]
    @="Run as administrator"
    "HasLUAShield"=""
    
    [HKEY_CLASSES_ROOT\SystemFileAssociations\.ps1\Shell\RunAs\Command]
    @="powershell.exe -File \"%1\""
     

    Attached Files:

  18. Fowler

    Fowler MDL Member

    Apr 1, 2013
    139
    115
    10
    Az egyik laptopomon ez:
     

    Attached Files:

    • T460.png
      T460.png
      File size:
      213.8 KB
      Views:
      158
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...